第六节——用户和用户组管理

<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">没有用户名，只有密码的认证方式称为token<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">有用户名(ID)<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">和密码，通常称为认证identity(username/passwd)<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户的主要作用是实现资源的分配<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">资源的分配有三个层次，也称为3A<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">概念<o:p></o:p>
authentication <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">认证（识别用户）<o:p></o:p>
authorzation  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">授权<o:p></o:p>
accouting  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">审计<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">对于linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">来讲，用户有两类：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">管理员：root  ID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">：0<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">普通用户： ID  1-65535<o:p></o:p>
  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">系统用户 ID  1-499<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">守护进程获取资源进行权限分配<o:p></o:p>
  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">登录用户 ID  [500+  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">交互式登录的用户<o:p></o:p>
linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">组：groupname/GID<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">管理员组：root 0<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">普通组：<o:p></o:p>
 <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">系统组：1-499   centOS7<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">为1-999<o:p></o:p>
 <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">普通组：[500+   centOS7<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">为[1000+<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">组用以实现将用户和某一类权限建立联系。<o:p></o:p>
linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">的安全上下文：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">我们操作计算机是依靠运行程序实现的，进程是以发起者的身份运行的，文件的权限位会对进程的发起者限制，这一概念为linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">进程的安全上下文，一个进程能够访问多少资源取决于进程发起者的身份。<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">我们站在用户的角度，linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中的组有两类： 
        <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户的基本组，组名同用户名，仅包含一个组，为私有组。<o:p></o:p>
   <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户的附加组，额外组。<o:p></o:p>
linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中同用户和组相关的配置文件：<o:p></o:p>
/etc/passwd  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户及其属性信息<o:p></o:p>
/etc/group   <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户组及其属性信息<o:p></o:p>
/etc/shadow  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户密码及其属性信息<o:p></o:p>
/etc/gshadow  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">组密码及其相关属性<o:p></o:p>
/etc/passwd<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">下的7<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">个字段：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户名:<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码:UID:GID:GES(<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户附加信息):<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">家目录:<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">默认shell<o:p></o:p>
/etc/group<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">下的四个字段<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">组名：组密码占位符：组ID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">：以当前组为附加组用户的列表<o:p></o:p>
/etc/shadow 9<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">个字段<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户名：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">加密密码：使用单项加密原理，MD5<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">算法，记录了加密方式和加入的杂质<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">最近一次修改密码的时间：从1970.01.01 00:00<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">至今过去的完整天数<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码最小使用期限：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码最大使用期限：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码警告时间：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码禁用期：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">账号过期日期：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">保留字段<o:p></o:p>
#md5sum file <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">提取特征码  md5<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">（message digest 5<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">） <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">输出定长为128bit<o:p></o:p>
#sha1sum file <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">提取特征码<o:p></o:p>
#sha244sum file<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">提取244<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">位的特征码<o:p></o:p>
#sha512sum file <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">提取512<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">位的特征码<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">单项加密具有雪崩效应，初始条件的微小改变，将会导致结果的巨大变化<o:p></o:p>
$6$salt$............. <o:p></o:p>
6<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">为加密算法<o:p></o:p>
salt<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">为杂质，为了避免使用相同密码的单项加密结果相同，被猜出密码，所以引入了salt<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">。<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码的复杂策略性：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">一是使用大小写字母、数字、特殊字符中的至少三种<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">二是使用足够的长度<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">三是不使用易猜测的密码<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">四是定期更换密码，不要使用曾使用过的密码。<o:p></o:p>
<span style="font-size:14.0pt;mso-bidi-font-size:12.0pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户和组管理的命令：<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户的创建useradd<o:p></o:p>
#useradd [option]  login name<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">创建用户时会自动创建一个和用户同名的组，叫做私有组，linux<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">禁止空密码用户登录，在/etc/shadow<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">第二列表现为有两个感叹号’!!’<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">附加在用户密码串前面。<o:p></o:p>
 -u <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定UID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，[UID_MIN,UID_MAX],<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">定义在/etc/login.defs<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中，如果不指定UID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，则从已存在的最大UID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">开始+1<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">自动指定。<o:p></o:p>
 -g  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指明用户所属的基本组，可为组名，也可为GID<o:p></o:p>
 -c  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">添加用户的注释信息，可以为任意字符，有空格时应当用引号引起来。<o:p></o:p>
 -d  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指明家目录位置，不指定时在/home<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">下创建一个与用户名同名的目录。<o:p></o:p>
     <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">如果指定的目录已经存在，则不会从/etc/skel<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中复制文件（模板文件），每个用户在创建时会在/home<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">目录下创建一个与用户名同名的目录，并从/etc/skel<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中复制文件，这些模板文件定义了用户的环境。<o:p></o:p>
 -s  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指明用户的默认shell<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，不指明则有缺省值，添加用户的缺省值在/etc/default/useradd<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中定义<o:p></o:p>
 -G  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">为用户指明附加组，可以有多个，使用逗号隔开，需要注意的是，这些组事先都应存在。<o:p></o:p>
 -D  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">修改添加用户的默认值，会修改/etc/defaultuaeradd<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">文件<o:p></o:p>
      -s <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">修改默认shell<o:p></o:p>
      -g <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定用户的基本组，指定后所有之后创建用户的基本组都一样。<o:p></o:p>
      -f <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">账号禁用期时间，宽限期、非活动期。<o:p></o:p>
 -r  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">创建系统用户，centOS6 ID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">小于500<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，centOS7 ID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">小于1000<o:p></o:p>
#groupadd [option] group_name   <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">创建组<o:p></o:p>
 -g  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定GID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，范围在/etc/default/useradd<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">中修改<o:p></o:p>
#id  username  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">显示用户的真实的有效的ID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">和组的信息<o:p></o:p>
 -u  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">显示用户的UID<o:p></o:p>
 -g  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">显示用户GID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，只显示基本组ID<o:p></o:p>
 -G  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">显示用户所有组的组ID<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">（基本组和附加组）<o:p></o:p>
 -n  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">显示用户的名称、组名称<o:p></o:p>
#su [option] [-] [user[args]]  switch user<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">切换用户或者以另外一个身份执行命令<o:p></o:p>
  su  USERNAME <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">非登录式切换，不读取目标用户的配置信息<o:p></o:p>
  su – USERNAME <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">登录式切换，会读取目标用户的配置文件，是完全切换<o:p></o:p>
root<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户切换到其他用户不需要密码<o:p></o:p>
#su [-] username –c ‘COMMAND’<o:p></o:p>
   -l  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">相当于‘-’<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">，表示登录式切换，即读取配置文件切换。<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户的属性修改：<o:p></o:p>
#usermod [option] [login_name]<o:p></o:p>
  -u  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定新的UID<o:p></o:p>
  -g  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定新的GID<o:p></o:p>
  -G  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定新的附加组，原来的附加组会被覆盖，<o:p></o:p>
      -a(appead)  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">追加   -G–a <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">追加附加组<o:p></o:p>
  -s  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">修改默认shell<o:p></o:p>
  -c  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">修改新的注释信息<o:p></o:p>
  -d  /path/to/home  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定新的家目录，不会创建目录，但是原目录中的文件不移动，且普通用户修改家目录后，原家目录不能进行访问，如果要同时移动文件，需要使用-m<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">选项，创建目录并移动。<o:p></o:p>
  -l  login_name  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">指定新的名字<o:p></o:p>
  -L  lock<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">锁定指定用户，在/etc/passwd<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">文件密码列前加一个感叹号。<o:p></o:p>
  -U  unlock<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">解锁指定用户<o:p></o:p>
  -e  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">账户被禁用的日期YY-MM-DD<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">格式<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">给用户添加密码：<o:p></o:p>
#passwd username  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">给指定用户添加密码，如果不指定参数则默认为当前用户修改密码。<o:p></o:p>
  -l  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">锁定用户<o:p></o:p>
  -u  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">解锁用户<o:p></o:p>
  -n  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码最短使用期限<o:p></o:p>
  -x  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">密码最长使用期限<o:p></o:p>
  -w  warndays <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">提前多少天警告用户修改密码<o:p></o:p>
  -i   inactivedays<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">非活动期限（密码过期后的宽限期）<o:p></o:p>
  --stdin  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">从标准输入接受密码，不再是交互式界面，成功与否都有信息输出，如果不想看可以将信息定向到/dev/null<o:p></o:p>
/dev/null <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">数据黑洞<o:p></o:p>
/dev/zero <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">零生成器，要多少有多少<o:p></o:p>
root<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">用户能够添加修改其他用户密码<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">普通用户只能够修改自己的密码<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">没有密码的用户不能修改密码<o:p></o:p>
passwd<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">命令操作的是/etc/shadow<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">文件<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">删除用户：<o:p></o:p>
#userdel  [option]... login_name  <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">删除指定用户<o:p></o:p>
  -r <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">删除用户的家目录<o:p></o:p>
<span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fareast-theme-font:minor-fareast;mso-hansi-font-family:calibri;mso-hansi-theme-font:minor-latin;">组信息修改：<o:p></o:p>
#groupmod [option]... group_name <span style="mso-bidi-font-size:10.5pt;font-family:宋体;mso-ascii-font-family:calibri;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:宋体;mso-fare

「一键投喂软糖/蛋糕/布丁/牛奶/冰阔乐！」